scinote-eln/scinote-web
1
1
Fork 0
mirror of https://github.com/scinote-eln/scinote-web.git synced 2025-01-04 06:36:27 +08:00
Code Issues Projects Releases Packages Wiki Activity

Add sanitization of group/type to sample edit [SCI-902]

Browse source
This commit is contained in:
Oleksii Kriuchykhin 2017-01-24 16:58:03 +01:00
parent a04f05eeb3
commit fe6d6842c2
1 changed files with 6 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
app/controllers/samples_controller.rb
View file

@ -128,8 +128,12 @@ class SamplesController < ApplicationController
sample_group: @sample.sample_group.nil? ? "" : @sample.sample_group.id,
custom_fields: {}
},
sample_groups: @organization.sample_groups.as_json(only: [:id, :name, :color]),
sample_types: @organization.sample_types.as_json(only: [:id, :name])
sample_groups: @organization.sample_groups.map do |g|
{ id: g.id, name: sanitize_input(g.name), color: g.color }
end,
sample_types: @organization.sample_types.map do |t|
{ id: t.id, name: sanitize_input(t.name) }
end
}
# Add custom fields ids as key (easier lookup on js side)